Created
December 29, 2020 05:29
-
-
Save AliAlsinan/0323e57d2345ef0b4e73c803dba93486 to your computer and use it in GitHub Desktop.
CORMS - Insecure direct object references (IDOR)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[description] | |
In Correspondence Management System (corms) in Newgen eGov 12.0, an | |
attacker can modify other users' profile information by manipulating | |
the unvalidated UserIndex parameter, aka Insecure Direct Object | |
Reference. | |
------------------------------------------ | |
[VulnerabilityType Other] | |
Insecure direct object references (IDOR) | |
------------------------------------------ | |
[Vendor of Product] | |
newgen software | |
------------------------------------------ | |
[Affected Product Code Base] | |
Correspondence Management System (corms) - eGov 12.0 | |
------------------------------------------ | |
[Affected Component] | |
Profile Page of users. user can access and modify other personal setting page | |
------------------------------------------ | |
[Attack Type] | |
Remote | |
------------------------------------------ | |
[Impact Code execution] | |
true | |
------------------------------------------ | |
[Impact Escalation of Privileges] | |
true | |
------------------------------------------ | |
[Impact Information Disclosure] | |
true | |
------------------------------------------ | |
[Attack Vectors] | |
user can manipulate parameter in personal setting page. this parameter can allow un-authorize access to change other user's personal information | |
------------------------------------------ | |
[Reference] | |
https://newgensoft.com/solutions/industries/government/e-gov-office/ | |
------------------------------------------ | |
[Has vendor confirmed or acknowledged the vulnerability?] | |
true | |
------------------------------------------ | |
[Discoverer] | |
ALI AL SINAN | |
------------------------------------------ | |
[CVE] | |
CVE-2020-35737. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment